‘Honey Trap’ Sites Recruiting Israeli Spies

Websites are offering work to Iranians and Iranian proxies in Syria and Lebanon as spies for Israel and these offers are believed to be a counter-intelligence effort driven by Iran's security services.

Investigators at online news website, The Daily Beast, have found the sites as part of an investigation into a series of apparent phishing websites that spoofed think tanks and news organisations focused on the Middle East and national security.  Those sites include domains meant to trick users into believing they were associated with prestigious news outlets across the Middle East.

At least 16 sites were identified using the same proposition, phrasing, logos, phone numbers to lure people working in sensitive security jobs in the Hezbollah terror group in Palestine, the Assad regime in Syria, or in Iran itself. Neither the cyber security firm Mandiant, nor Google or Facebook, where the sites had accounts, were able to identify who lies behind the phishing domains.

The recruiting sites have surfaced and disappeared over a four-year period, targeting users in Iran, Syria, and Lebanon through Google Ads.

Displaying a picture of the Israeli flag and a contact number with an Israeli country code, a website called 'VIP Human Solutions’  advertises itself as the “VIP center for recruitment of the most distinguished in the military and security services of Syria and Hezbollah in Lebanon” that “specialises in research and consultancies in the studies of security and political science in all corners of the world." The Human Solutions’ site promises rapid hiring decisions and big salaries.

Security researchers suspect the intelligence job sites are part of an Iranian counter intelligence effort and say that certain that  these websites are fake and have no  connection to Israel’s genuine  spy services.

The Israel Defence Force (IDF) has previously uncovered a scam by Hamas militants to spy on its soldiers by hacking their mobile phones after posing as women on social media. Members of the Palestinian group found the soldiers online, then tried to strike up a friendship using the fake identities and dozens of IDF soldiers were persuaded to install an application that controlled their phone cameras and microphones.

The Israeli National Cyber Directorate has issued a general warning to Israeli businesses to be aware of potential cyber attacks, as the country faced an uptick in hacking attempts. In December last year, Israeli cyber security firm Check Point said that a hacking group identified with the Iranian regime was aiming to attack Israeli targets.

Daily Beast:     Times of Israel:     Media Line:      BBC

You Might Also Read:

Israel & Iran Locked In Cyber Conflict:

 

« Ransomware Attack On French Ministry of Justice
Britain's Cyber Security Strategy Focuses On Resilience »

ManageEngine
CyberSecurity Jobsite
Check Point

Directory of Suppliers

ZenGRC

ZenGRC

ZenGRC (formerly Reciprocity) is a leader in the GRC SaaS landscape, offering robust and intuitive products designed to make compliance straightforward and efficient.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

NQA Certification

NQA Certification

NQA provides certification to a range of ISO standards including ISO 27001 for information security management.

Thinklogical

Thinklogical

Thinklogical manufactures secure, KVM, video, audio, and computer peripheral signal switching solutions for defence C4ISR applications.

Auth0

Auth0

Auth0 is a cloud service that provides a set of unified APIs and tools that instantly enables single sign-on and user management for any application, API or IoT device.

Puleng Technologies

Puleng Technologies

Puleng provides customers with a client-centric strategy to manage and secure the two most valuable assets an organisation has - its Data and Users.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Oceania Cyber Security Centre (OCSC)

Oceania Cyber Security Centre (OCSC)

OCSC engages with government and industry to conduct research, develop training opportunities and build capacity for responding to current and emerging cyber security issues.

Plug and Play Tech Center

Plug and Play Tech Center

Plug and Play is the ultimate innovation platform, bringing together the best startups and the world’s largest corporations.

SIRP Labs

SIRP Labs

SIRP is a Risk-based Security Orchestration, Automation and Response (SOAR) platform that fuses essential cybersecurity information to enable a unified cyber response.

ShieldApps

ShieldApps

ShieldApps comprehensive suite of products is designed to protect your personal devices from privacy threats, including hacking attempts, online tracking, fingerprinting, phishing, malware, and more.

Knowledge Lens

Knowledge Lens

Knowledge Lens builds innovative solutions on niche technology areas such as Big Data Analytics, Data Science, Artificial Intelligence, Internet of Things, Augmented Reality, and Blockchain.

The PenTesting Company

The PenTesting Company

The PenTesting Company is owned and operated by offensive security professionals. Penetration Testing is essentially all we do.

Gogolook

Gogolook

Gogolook is a leading TrustTech company. With "Build for Trust" as its core value, it aims to create an AI- and data-driven global anti-fraud network as well as Risk Management as a Service.

Raito

Raito

Raito's unique solution integrates with the data development process and lets data teams monitor, manage, and automate data security across the data stack.

Integrated Cyber Solutions (ICS)

Integrated Cyber Solutions (ICS)

Integrated Cyber Solutions is a managed security service provider that humanizes cybersecurity managed services to the Small-to-Medium Business (SMB) and Small-to-Medium Enterprise (SME) sectors.

Compugen Systems Inc (CSI)

Compugen Systems Inc (CSI)

Compugen Systems is an IT service delivery company that focuses on enabling your business outcomes.

Cyberus

Cyberus

Cyberus brings together industry, business, and government to collaboratively create a secure digital future for Russia and the world.